Conflict with other plugin (Logged in)

  • Resolved danilocubrovic

    (@danilocubrovic)


    4 years, 4 months ago

    Hi again.
    Have good progress with your plugin but we have one more obstacle.
    When we enable external login in settings that break other plugin that is important to us https://sr.www.ads-software.com/plugins/loggedin/
    That plugin works only in allow mode but not in Block mode that we use.
    (Block mode is to prevent logged user to logged again while first session is active)
    I will report this issue for that author too.

Viewing 11 replies - 1 through 11 (of 11 total)
  • Thread Starter danilocubrovic

    (@danilocubrovic)

    I have posted similiar question here https://www.ads-software.com/support/topic/conflict-with-other-plugin-external-login/

    Plugin Author tbenyon

    (@tbenyon)

    Hey @danilocubrovic,

    As I’m sure you will understand, compatibility with other plugins and other code is beyond the scope of the support forum.

    I imagine it is due to both plugins using the authenticate hook.

    I have one suggestion which is find where the above hook is called in both plugins.

    In External Login the line looks like this:
    add_filter('authenticate', 'exlog_auth', 10, 3);

    It can be found in login/authenticate.php.

    The 10 in this case represents the priority. I would suggest first making it lower than the number used in your other plugin and testing. Then make it higher than the number used in the other plugin and test.

    If neither of these work the only other suggestion I have would require you modifying one of the plugins to call the functionality of the other plugin at the correct point in the flow. This would be a chunk of custom work and if you’re not able to do this your self then you would have to pay for a developer to do this work for you.

    Let me know how you get on,

    Thanks,

    Tom

    Thread Starter danilocubrovic

    (@danilocubrovic)

    I know that no one can’t guarantee compliance between plugins with such high numbers of plugins and diversity. Just needed pointers to help me look further.
    As I se other plugin does not use authenticate but wp_authenticate_user and there is no priority there.
    add_filter( ‘wp_authenticate_user’, array( $this, ‘validate_allow_logic’ ) );

    validate_allow_logic is rather simple

    public function validate_allow_logic( $user ) {
    // If login validation failed already, return that error.
    if ( is_wp_error( $user ) ) {
    return $user;
    }

    // Only when block method.
    if ( ‘block’ === get_option( ‘loggedin_logic’, ‘allow’ ) ) {
    // Check if limit exceed.
    if ( $this->reached_limit( $user->ID ) ) {
    return new WP_Error( ‘loggedin_reached_limit’, $this->error_message() );
    }
    }

    return $user;
    }

    This other plugin uses check_password too for other type of check and this works well with your plugin, but this type of check is just not good enough for me.
    // Use password check filter.
    add_filter( ‘check_password’, array( $this, ‘validate_block_logic’ ), 10, 4 );

    If you have more pointers straight out of your head before I start further investigation feel free to shoot it here ??

    Plugin Author tbenyon

    (@tbenyon)

    Not sure what those snippets you’ve shown above are. Are they from the other plugin and the only its you need or are you sharing them as you feel they are the most likely candidates to clash with External Login?

    What are you trying to achieve with the other plugin?

    1. Only allow one session by rejecting login if they have an already active session?
    2. ???

    If it’s simple enough, there is a hook in external login that allows you block user login with custom logic. You could put the checks that the other plugin is doing in this location.

    The hooks are documented in the FAQ section and the one that may be of interest is “exlog_hook_filter_custom_should_exclude”.

    Thread Starter danilocubrovic

    (@danilocubrovic)

    That’s good pointer for me.
    Yes this is other plugin I need too check on user login and this check not working if I enable external login.

    Yes. Only allow one session by rejecting login if they have an already active session.

    I will try to achieve this these days by combining your hook with other plugin check logic. Thanks. If I manage to solve it I will post it here to help other users in future..

    Plugin Author tbenyon

    (@tbenyon)

    Sounds awesome. I’m going to mark this as resolved but I’m happy to discuss things further with you if you require a ‘rubber duck’.

    And yes, that would be great if you find a solution to post it back here. I’d be interested to know and I’m sure someone in the future will find it useful!

    Good luck with your project ??

    Thread Starter danilocubrovic

    (@danilocubrovic)

    One more thing please.
    I see that this hook exlog_hook_filter_custom_should_exclude designed to return true/false from there.
    But is it somehow possible to set error message for logging from there?
    If user is already logged I want them to get message “User already logged” and not username password not found or similar.

    Plugin Author tbenyon

    (@tbenyon)

    That is a good idea! ??

    I could check to see if a string was returned and display that as an error message.

    I’ve got a busy few days but I’ll try and get this done for you next week.

    Tom ??

    Plugin Author tbenyon

    (@tbenyon)

    Hey @danilocubrovic,

    I just wanted to let you know that I have added your feature request of being able to give custom error messages for the exclude hook.

    Now if you return a string the user will be blocked and the string will be used as the error for the user. Heres an example:

    
function myExlogCustomExcluder($userData) {
    return strtotime($userData['expiry']) < strtotime('now') ? 'Your account has expired' : false;
}
add_filter('exlog_hook_filter_custom_should_exclude', 'myExlogCustomExcluder', 10, 1);

    The change is in release 1.11.0.

    Thanks,

    Tom ??

    Thread Starter danilocubrovic

    (@danilocubrovic)

    Thanks a lot Tom. This works great!

    It took me some time to get back to this project and test it.
    This is my current code, in case someone find it useful for their purposes.
    It combines part of the code from loggedin plugin to prevent double logins with hooks for your plugin.

    So it will forbid multiple log in for same user, unless that user have admin or editor role.

    function loggedin_bypass_roles( $prevent, $user_id ) {
    $allowed_roles = array( ‘administrator’, ‘editor’ );
    $user = get_user_by( ‘id’, $user_id );
    $roles = ! empty( $user->roles ) ? $user->roles : array();
    return ! empty( array_intersect( $roles, $allowed_roles ) );
    }
    add_filter( ‘loggedin_bypass’, ‘loggedin_bypass_roles’, 10, 2 );

    function bypass( $user_id ) {
    return (bool) apply_filters( ‘loggedin_bypass’, false, $user_id );
    }

    function reached_limit( $user_id ) {
    if ( bypass( $user_id ) ) {
    return false;
    }
    $maximum = 1;
    $manager = WP_Session_Tokens::get_instance( $user_id );
    $count = count( $manager->get_all() );
    $reached = $count >= $maximum;
    return $reached;
    }

    function myExlogCustomExcluder($userData) {
    $uname = $userData[‘name’];
    $user = get_user_by(‘login’,$uname);
    if($user)
    {
    $user_id = $user->ID;
    if ( reached_limit( $user_id ) ) {
    return “User is already logged.”;
    }
    }
    return false;
    }
    add_filter(‘exlog_hook_filter_custom_should_exclude’, ‘myExlogCustomExcluder’, 10, 1);

    Plugin Author tbenyon

    (@tbenyon)

    Hey @danilocubrovic,

    That’s great news and thanks for sharing your code for others ??

    If it all works I’d be grateful if you could write a review or even buy me a beer.

    Good luck with your project ??

    Tom

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Conflict with other plugin (Logged in)’ is closed to new replies.